Trojaner-Board - Hilfe - neue Attacke TR\Vundo - bitte Logfile checken

Hallo zusammen,

nachdem das System bereinigt schien, erhielt ich von Norton eine weitere Tronaermeldung (Vundo), wobei die Datei isoliert wurde. Ein Check mit Malwarebytes erbrachte kein Ergebnis. HIer das aktuelle HijackThis Logfile. Könnte mir bitte jemand Feedback hierzu geben - Danke!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:49, on 19.12.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\taskswitch.exe
C:\WINDOWS\System32\fast.exe
D:\CREATIVE\SBAUDIGY2\SURROUND MIXER\CTSYSVOL.EXE
C:\Programme\NavNT\vptray.exe
C:\Programme\Microsoft IntelliPoint\point32.exe
C:\Programme\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Gemeinsame Dateien\AAV\aavus.exe
D:\FRITZ!DSL\IGDCTRL.EXE
D:\FRITZ!DSL\FwebProt.exe
D:\FRITZ!DSL\StCenter.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Cisco Systems\Cisco VPN Client\cvpnd.exe
C:\Programme\NavNT\defwatch.exe
C:\WINDOWS\system32\cba\pds.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7Debug\mdm.exe
C:\Programme\NavNT\rtvscan.exe
C:\WINDOWS\System32\nvsvc32.exe
D:\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\cba\xfr.exe
C:\WINDOWS\System32\Fast.exe
C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\MsgSys.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Programme\Trend Micro\HijackThis\HijackThis.exe
C:\Programme\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 218.223.221.217:8080
O2 - BHO: (no name) - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - (no file)
O2 - BHO: Trixie.Bho - {B0744341-96E0-4341-9ED2-8BC36CE0CCD0} - mscoree.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - D:\CANON\EASY-WEBPRINT\TOOLBAND.DLL
O4 - HKLM\..\Run: [BackgroundSwitcher] C:\WINDOWS\System32\bgswitch.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\System32\taskswitch.exe
O4 - HKLM\..\Run: [FastUser] C:\WINDOWS\System32\fast.exe
O4 - HKLM\..\Run: [CTSysVol] D:\CREATIVE\SBAUDIGY2\SURROUND MIXER\CTSYSVOL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [vptray] C:\Programme\NavNT\vptray.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Programme\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [PSDrvCheck] C:\WINDOWS\system32\PSDrvCheck.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Programme\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - S-1-5-18 Startup: FRITZ!DSL Protect.lnk = D:\FRITZ!DSL\FwebProt.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: FRITZ!DSL Startcenter.lnk = D:\FRITZ!DSL\StCenter.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: FRITZ!DSL Protect.lnk = D:\FRITZ!DSL\FwebProt.exe (User 'Default user')
O4 - .DEFAULT Startup: FRITZ!DSL Startcenter.lnk = D:\FRITZ!DSL\StCenter.exe (User 'Default user')
O4 - Startup: FRITZ!DSL Protect.lnk = D:\FRITZ!DSL\FwebProt.exe
O4 - Startup: FRITZ!DSL Startcenter.lnk = D:\FRITZ!DSL\StCenter.exe
O8 - Extra context menu item: Nach Microsoft &Excel exportieren - RES://D:\OFFICE~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Tri&xie Options... - {20CCCFEC-D26F-4ffe-996B-388B39C8CCCA} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - D:\DAP\DAP.EXE
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: (no name) - AutorunsDisabled - (no file) (HKCU)
O15 - Trusted Zone: *.******.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\GEMEIN~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: rzfrxi.dll
O23 - Service: AAV UpdateService - Unknown owner - C:\Programme\Gemeinsame Dateien\AAV\aavus.exe
O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - E:\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe (file missing)
O23 - Service: ASP.NET-Zustandsdienst (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: AVM IGD CTRL Service - AVM Berlin - D:\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\Cisco VPN Client\cvpnd.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Programme\NavNT\defwatch.exe
O23 - Service: Intel File Transfer - Intel Corporation - C:\WINDOWS\system32\cba\xfr.exe
O23 - Service: Intel PDS - Intel Corporation - C:\WINDOWS\system32\cba\pds.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programme\Gemeinsame Dateien\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Programme\NavNT\rtvscan.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - D:\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - D:\PerfectDisk2008\PD91Engine.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - Unknown owner - E:\SiSoftware\SiSoftware Sandra Lite XI.SP1\Win32\RpcDataSrv.exe (file missing)
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - D:\SiSoftware\SiSoftware Sandra Lite XI.SP1\RpcSandraSrv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 7512 bytes